Proper settings
Summary
Currently, settings are applied via environment variables. This is bad.
http://movingfast.io/articles/environment-variables-considered-harmful/
While this is good enough when running in Docker. It is a pain when running it outside of Docker. This kills portability.
It also kills potential features like a proper "admin area" where the settings can be applied from the site itself or a "setup" page for more user friendliness.
It also kills operators use of existing automation tools such as Chef, Puppet, etc.
Currently, we're using settings.py
to store the settings in Python. Since it's part of the actual program instead of a simple text-file loaded by the program. It is possible settings.py
can be malicious. Not to mention by doing this we ignore a lot of tests and moving part of the source code is awful when having it stored inside a data folder to run the program like when it's installed as a proper python/distribution package.
Proposal
I'm proposing to have a simple directory location to store settings. This directory can by default be $(pwd)/settings/
and for simplicity I think Python's built-in configuration format is good enough for what we need.
The text files in the settings
can simply be treated as if they're combined into one file. Priority of the files can be simply be done by sorting the filenames, for example 00-base.ini
, 01-database.ini
. 01
is bigger than 00
so changes/variables made in 01
will be more important and change the ones on 00
By doing that, the configuration made by the potential Admin area can be simply applied as a file containing the settings which will be the last one loaded/applied.